php-5.4.19 and php-suhosin-0.9.33-2 breaks session handling

General Discussion of atomic repo and development projects.

Ask for help here with anything else not covered by other forums.
deralte
New Forum User
New Forum User
Posts: 3
Joined: Sun Sep 15, 2013 5:21 am
Location: Austria

php-5.4.19 and php-suhosin-0.9.33-2 breaks session handling

Unread post by deralte »

Hi!

I've installed

php-5.4.19-25.el6.art.i686

and

php-suhosin-0.9.33-2.git1fba865.el6.art.i686

This combination breaks the session handling. You need to apply following pull request patch to make it work again

https://github.com/stefanesser/suhosin/pull/26

Would be nice if you could include it into your rpms.

More details to this bug under

http://robert.penz.name/663/session-ver ... h-suhosin/
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: php-5.4.19 and php-suhosin-0.9.33-2 breaks session handl

Unread post by scott »

Ahh Its already based on the stanfesser branch, if this is something missing, could you send a .patch file?
deralte
New Forum User
New Forum User
Posts: 3
Joined: Sun Sep 15, 2013 5:21 am
Location: Austria

Re: php-5.4.19 and php-suhosin-0.9.33-2 breaks session handl

Unread post by deralte »

The first link in my original post is the github pull request for the diff/patch file.
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: php-5.4.19 and php-suhosin-0.9.33-2 breaks session handl

Unread post by scott »

Im definitely not seeing it then. Can you diff that against stefanesser-suhosin-1fba865.tgz and send me a patch?
deralte
New Forum User
New Forum User
Posts: 3
Joined: Sun Sep 15, 2013 5:21 am
Location: Austria

Re: php-5.4.19 and php-suhosin-0.9.33-2 breaks session handl

Unread post by deralte »

On the first Link I click on "Files Changed" and I get on following page:

https://github.com/stefanesser/suhosin/pull/26/files

where 3 lines are replaced by a 15 lines. or what to you need?
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: php-5.4.19 and php-suhosin-0.9.33-2 breaks session handl

Unread post by scott »

ideally, a .patch against stefanesser-suhosin-1fba865.tgz
ikkk
Forum User
Forum User
Posts: 47
Joined: Wed Jan 05, 2011 3:09 pm

Re: php-5.4.19 and php-suhosin-0.9.33-2 breaks session handl

Unread post by ikkk »

# diff session.c session.c.orig
731,736c731
< if (key == NULL || !key[0] ||
< (*mod_data == NULL
< #if PHP_VERSION_ID >= 50400
< && !SESSION_G(mod_user_implemented)
< #endif
< )) {
---
> if (key == NULL || !key[0] || *mod_data == NULL) {
785,790c780
< if (key == NULL || !key[0] || val == NULL || strlen(key) > SUHOSIN_G(session_max_id_length) ||
< (*mod_data == NULL
< #if PHP_VERSION_ID >= 50400
< && !SESSION_G(mod_user_implemented)
< #endif
< )) {
---
> if (key == NULL || !key[0] || val == NULL || strlen(key) > SUHOSIN_G(session_max_id_length) || *mod_data == NULL) {
833,838c823
< if (key == NULL || !key[0] || strlen(key) > SUHOSIN_G(session_max_id_length) ||
< (*mod_data == NULL
< #if PHP_VERSION_ID >= 50400
< && !SESSION_G(mod_user_implemented)
< #endif
< )) {
---
> if (key == NULL || !key[0] || strlen(key) > SUHOSIN_G(session_max_id_length) || *mod_data == NULL) {
ikkk
Forum User
Forum User
Posts: 47
Joined: Wed Jan 05, 2011 3:09 pm

Re: php-5.4.19 and php-suhosin-0.9.33-2 breaks session handl

Unread post by ikkk »

This was against https://github.com/stefanesser/suhosin/ ... master.zip

and with these changes and a compile as a extension - joomla1.5 logins are now working under php5.4.x
ikkk
Forum User
Forum User
Posts: 47
Joined: Wed Jan 05, 2011 3:09 pm

Re: php-5.4.19 and php-suhosin-0.9.33-2 breaks session handl

Unread post by ikkk »

Im still having this issue with php-suhosin from atomic on php5.4

heres my howto if it helps anyone to fix this

Code: Select all

mkdir /src
cd /src
wget https://github.com/stefanesser/suhosin/archive/master.zip
yum install unzip
unzip master
cd suhosin-master/
mv session.c session.c.orig
wget https://raw.github.com/blino/suhosin/117b6aa6efec61afaa1431c698dad8eb553b55f5/session.c
phpize 
./configure
make
mv /usr/lib64/php/modules/suhosin.so /usr/lib64/php/modules/suhosin.so.old
cp /src/suhosin-master/modules/suhosin.so /usr/lib64/php/modules/suhosin.so
service httpd restart
ikkk
Forum User
Forum User
Posts: 47
Joined: Wed Jan 05, 2011 3:09 pm

Re: php-5.4.19 and php-suhosin-0.9.33-2 breaks session handl

Unread post by ikkk »

Theres no need for the patch with the suhosin 0.9.36 code - so you can skip these lines:

Code: Select all

mv session.c session.c.orig
wget https://raw.github.com/blino/suhosin/117b6aa6efec61afaa1431c698dad8eb553b55f5/session.c
Post Reply